Beispiel #1
/**
 * Attempts a login through APP_User and, on success, redirects to $forward.
 *
 * @param mixed $username passed through to APP_User::login()
 * @param mixed $password passed through to APP_User::login()
 * @param mixed $forward  redirect target; nothing is sent when it is empty
 */
function Login($username, $password, $forward)
{
    APP_User::get()->login($username, $password);

    // Only a successful login combined with a non-empty target produces a redirect.
    if (!APP_User::loggedIn() || empty($forward)) {
        return;
    }

    // NOTE(review): $forward goes into the Location header unchanged. If callers
    // fill it from request data, it should be restricted to same-site targets
    // before it reaches this point -- confirm against the callers.
    // Execution continues after header(); this function does not stop the script.
    header("Location: {$forward}");
}
Beispiel #2
 /**
  * Logs a member out and deletes the session for the member.
  *
  * Order of operations below: clear the "stay logged in" memory, unset the
  * member-related session keys, delete the member's row from the `online`
  * table, expire the userid/userkey/ep cookies, log the legacy APP_User out,
  * then unset and destroy the PHP session and wipe this entity.
  *
  * @access public
  * @return bool false when $_SESSION is not set or the entity is not loaded, true otherwise
  */
 public function logOut()
 {
     if (!isset($_SESSION) || !$this->isLoaded()) {
         return false;
     }
     // if "stay logged in" is active, clear the memory cookie
     $this->removeSessionMemory();
     // Session keys that carry member identity, status and rights; each one is removed if present.
     $keys_to_delete = array('IdMember', 'MemberStatus', 'Status', 'lang', 'IdLang', 'IsVol', 'UserName', 'stylesheet', 'Param', 'TimeOffset', 'PreferenceDayLight', 'MemberCryptKey', 'LogCheck', 'RightLevel', 'RightScope', 'FlagLevel');
     foreach ($keys_to_delete as $key) {
         if (isset($_SESSION[$key])) {
             unset($_SESSION[$key]);
         }
     }
     /**
      old stuff from TB - we don't rely on this
     if (!isset($this->sessionName))
         return false;
     if (!isset($_SESSION[$this->sessionName]))
         return false;
     $this->loggedIn = false;
     unset($_SESSION[$this->sessionName]);
     */
     // NOTE(review): the primary key is interpolated into the SQL text. Presumably
     // getPKValue() always yields an integer -- confirm, or cast it / bind it as a
     // parameter so the statement cannot be altered by the value.
     $query = "delete from online where IdMember={$this->getPKValue()}";
     $this->dao->query($query);
     if (isset($_COOKIE) && is_array($_COOKIE)) {
         $env = PVars::getObj('env');
         if (isset($_COOKIE[$env->cookie_prefix . 'userid'])) {
             // NOTE(review): the cookie value is client-supplied and is handed to
             // addSetting() as-is together with 'skey'; confirm addSetting() validates it.
             self::addSetting($_COOKIE[$env->cookie_prefix . 'userid'], 'skey');
             // Expire the cookie by setting it empty with a timestamp in the past.
             // NOTE(review): path '/' and the default domain must match the values used
             // when the cookie was set, otherwise the browser keeps it -- verify.
             setcookie($env->cookie_prefix . 'userid', '', time() - 3600, '/');
         }
         if (isset($_COOKIE[$env->cookie_prefix . 'userkey'])) {
             setcookie($env->cookie_prefix . 'userkey', '', time() - 3600, '/');
         }
         if (isset($_COOKIE[$env->cookie_prefix . 'ep'])) {
             setcookie($env->cookie_prefix . 'ep', '', time() - 3600, '/');
         }
     }
     // todo: remove this when app_user is finally removed
     APP_User::get()->setLogout();
     // session_destroy() removes the server-side session data but does not expire
     // the session cookie in the browser; no call here expires that cookie.
     session_unset();
     session_destroy();
     $this->wipeEntity();
     // NOTE(review): session_regenerate_id() needs an active session, and the session
     // was destroyed just above, so this call most likely issues no new ID. If a fresh
     // ID is intended, the call has to happen while a session is active -- confirm intent.
     session_regenerate_id();
     return true;
 }
Beispiel #3
 /**
  * Logs the current application user out by delegating to APP_User::logout().
  */
 public function logout()
 {
     APP_User::get()->logout();
 }
Beispiel #4
 /**
  * Looks up the current user's location and includes the settings form template.
  *
  * $location is false when APP_User::get() returns a falsy value.
  */
 public function settingsForm()
 {
     // The required template shares this method's scope, so the local names
     // $User and $location are kept exactly as they were (presumably the
     // template reads them -- verify before renaming).
     $User = APP_User::get();
     $location = $User ? $this->_model->getLocation($User->getId()) : false;
     require 'templates/settingsform.php';
 }
Beispiel #5
    ?>
</p>
    
</form>
<script type="text/javascript">document.getElementById("login-u").focus();</script>
</div>
<!-- END -->
<?php 
    // and remove unused vars
    PPostHandler::clearVars($callbackId);
} else {
    /*
     * STATUS AND LOGOUT FORM
     */
    $c = $User->logoutProcess();
    $currUser = APP_User::get();
    $navText = $i18n->getText('navText');
    $countrycode = APP_User::countryCode($currUser->getHandle());
    $words = new MOD_words();
    ?>
<div class="floatbox">
<p><?php 
    echo $words->getFormatted('UserLoggedInAs');
    ?>
 <br />
    <a href="user/<?php 
    echo $currUser->getHandle();
    ?>
">
    <?php 
    echo $currUser->getHandle();
Beispiel #6
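/**
 * Forces a logout and ends the request when the member status is Rejected or Banned.
 *
 * For any other status the function returns without doing anything.
 *
 * @param mixed $Status member status to test
 */
function TestIfIsToReject($Status)
{
    // The earlier comparison used the literal 'Rejected ' (with a trailing space),
    // which a plain 'Rejected' status never equals, so rejected members were not
    // logged out. Trimming first accepts both spellings; the strict match keeps
    // non-string values from passing through PHP's loose comparison rules.
    $blockedStatuses = array('Rejected', 'Banned');
    if (is_string($Status) && in_array(trim($Status), $blockedStatuses, true)) {
        LogStr("Force Logout GAMEOVER", "Login");
        APP_User::get()->logout();
        die(" You can't use this site anymore");
    }
}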
Beispiel #7
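/**
 * Checks whether the current session belongs to a logged-in member.
 *
 * Default case: IsLoggedIn() returns true only when the session holds an
 * IdMember, a MemberCryptKey, a matching LogCheck and a MemberStatus of
 * Active or ActiveHidden.
 *
 * Extended case: IsLoggedIn("Pending") additionally returns true when the
 * session status is Pending. This gives specific access to members whose
 * status is neither Active nor ActiveHidden.
 *
 * A LogCheck mismatch logs the user out, redirects to the base URI and ends
 * the request. A missing MemberStatus ends the request with an error message.
 *
 * @param string $ExtraAllowedStatus extra statuses to accept, separated by "," or ";"
 * @return boolean
 */
function IsLoggedIn($ExtraAllowedStatus = "")
{
    if (empty($_SESSION['IdMember'])) {
        return false;
    }
    if (empty($_SESSION['MemberCryptKey'])) {
        return false;
    }

    // A missing LogCheck is treated like a mismatch, without raising an
    // undefined-index notice on the way.
    // NOTE(review): the check is an unkeyed CRC32 over two values stored in the
    // same session, so it detects inconsistent session contents rather than
    // tampering by someone able to write the session -- confirm that is the intent.
    $storedCheck = isset($_SESSION['LogCheck']) ? $_SESSION['LogCheck'] : null;
    if ($storedCheck != crc32($_SESSION['MemberCryptKey'] . $_SESSION['IdMember'])) {
        LogStr("Anomaly with Log Check", "Hacking");
        APP_User::get()->logout();
        header("Location: " . PVars::getObj('env')->baseuri);
        exit(0);
    }

    if (empty($_SESSION["MemberStatus"])) {
        // NOTE(review): this message is also written to the response by die().
        $strerror = "Members with IdMember=" . $_SESSION["IdMember"] . " has no \$_SESSION[\"MemberStatus\"]";
        error_log($strerror);
        LogStr($strerror, "Debug");
        die($strerror);
    }

    // Status decides access, so it is matched strictly: a non-string session
    // value must not satisfy the check through loose comparison.
    $status = $_SESSION["MemberStatus"];
    if ($status === 'Active' || $status === 'ActiveHidden') {
        return true;
    }

    if (!empty($ExtraAllowedStatus)) {
        // The former isset() guard here could never fire (an empty MemberStatus
        // has already ended the request above) and would have printed the whole
        // session to the response, so it is gone.
        $allowedStatuses = explode(",", str_replace(";", ",", $ExtraAllowedStatus));
        if (in_array($status, $allowedStatuses, true)) {
            return true;
        }
    }

    return false;
}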